package httputil.okhttpinterceptor;

import javax.net.ssl.SSLContext;
import javax.net.ssl.X509TrustManager;

public interface SecurityContext {
    /**
     * Returns the SSLContext for an SSL client.
     * @return	the SSL context
     */
    SSLContext getSSLContext();

    /**
     * Set the context without a trust manager
     * @param context - the SSLContext object required for the SSL connection
     * @deprecated	(as of 4.0.1) use SecurityContext.withSSLContext(SSLContext,X509TrustManager)
     */
    @Deprecated
    void setSSLContext(SSLContext context);

    /*
     * Returns the host verifier.
     * @return	the host verifier
     */
    SSLHostnameVerifier getSSLHostnameVerifier();

    /**
     * Specifies the host verifier for a client that verifies hosts for
     * additional security.
     * @param verifier	the host verifier
     */
    void setSSLHostnameVerifier(SSLHostnameVerifier verifier);

    /**
     * Set the context without a trust manager
     * @param context - the SSLContext object required for the SSL connection
     * @deprecated	(as of 4.0.1) use SecurityContext.withSSLContext(SSLContext,X509TrustManager)
     * @return a context containing authentication information
     */
    @Deprecated
    SecurityContext withSSLContext(SSLContext context);

    /**
     * The SSLContext should be initialized with KeyManager and TrustManager
     * using a KeyStore. <br>
     * <br>
     *
     * If we init the sslContext with null TrustManager, it would use the
     * &lt;java-home&gt;/lib/security/cacerts file for trusted root certificates, if
     * javax.net.ssl.trustStore system property is not set and
     * &lt;java-home&gt;/lib/security/jssecacerts is not present. See <a href =
     * "http://docs.oracle.com/javase/7/docs/technotes/guides/security/jsse/JSSERefGuide.html">JSSE
     * Reference Guide</a> for more information on SSL and TrustManagers.<br>
     * <br>
     *
     * If self signed certificates, signed by CAs created internally are used,
     * then the internal CA's root certificate should be added to the keystore.
     * See this <a href =
     * "https://docs.oracle.com/cd/E19226-01/821-0027/geygn/index.html">link</a>
     * for adding a root certificate in the keystore.
     *
     * @param context - the SSLContext object required for the SSL connection
     * @param trustManager - X509TrustManager with which we initialize the
     *          SSLContext
     * @return a context containing authentication information
     */
    SecurityContext withSSLContext(SSLContext context, X509TrustManager trustManager);

    /**
     * Specifies the host verifier for a client that verifies hosts for
     * additional security.
     * @param verifier	the host verifier
     * @return a context configured with the host verifier
     */
    SecurityContext withSSLHostnameVerifier(SSLHostnameVerifier verifier);
}
